Hci Compute Node Bios Security Vulnerabilities - November 2020
An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/huge_memory.c. The get_user_pages (aka gup) implementation, when used for a copy-on-write page, does not properly consider the semantics of read operations and therefore can grant unintended write access, aka CID-1...
3.6CVSS
4.9AI Score
0.001EPSS
Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
5.5CVSS
5.6AI Score
0.0005EPSS
Improper conditions check in Intel BIOS platform sample code for some Intel(R) Processors before may allow a privileged user to potentially enable escalation of privilege via local access.
6.7CVSS
6.8AI Score
0.0004EPSS
Use of potentially dangerous function in Intel BIOS platform sample code for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.
7.8CVSS
7.1AI Score
0.0004EPSS
Out of bounds write in Intel BIOS platform sample code for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
6.7CVSS
6.8AI Score
0.0004EPSS
Improper access control in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
6.7CVSS
6.7AI Score
0.0004EPSS